I've been playing with remediation code, and I've seen that remediation code
for many checks fails due to undefined functions as "populate" (to populate
defined variables) and "fix_audit_syscall_rule" (for audit checks)
I've seen that both functions (and many more) are defined inside the
datasource, in group xccdf_org.ssgproject.content_group_remediation_functions
Since I'm a complete newbie in openSCAP, I'm not sure how it should work:
* Is remediation code supposed to be selt-contained in the data source? Or
does it depend on the host having the security-guide package installed ir order
to have that functions code?
* If it's self contained, how and where are the functions code file
extracted and read by remediation code?
* If it's extracted, is there an option to keep the temp files around to
take a look?
* Maybe I need a more recent openscap version? (I'm using 1.2.17-4.el7 in
centos7)
* Should I file an issue on ComplianceAsCode GitHub repo? or am I doing
something wrong?
Thanks a lot!
--
Miguel Armas
CanaryTek Consultoria y Sistemas SL
http://www.canarytek.com/
_______________________________________________
scap-security-guide mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
